// Returns true if the server secrets spec selects PAM rather than a
// secrets file. The match is an exact, case-sensitive comparison against
// the two literals below, so any other spelling is not treated as PAM.
// The SecretsFileServer constructor uses this result to pass an empty
// string instead of the spec to its secrets-file member.
bool pam( const std::string & s )
{
	// PAM is never selected on Windows, whatever the spec says.
	if( G::is_windows() )
		return false ;

	return s == "pam:" || s == "/pam" ;
}
36 bool plain(
const std::string & s )
40 bool parse(
const std::string & s , std::string &
id , std::string & pwd )
47 void check(
const std::string & s )
53 if( !parse( s ,
id , pwd ) )
54 throw Secrets::ClientAccountError() ;
66 namespace imp = SecretsImp ;
67 if( !c.empty() ) imp::check( c ) ;
73 const std::string & log_name )
75 return std::make_unique<SecretsFileServer>( path , log_name ) ;
79 const std::string & log_name )
81 return std::make_unique<SecretsFileClient>( path , log_name ) ;
87 m_id_pwd(SecretsImp::plain(path)) ,
88 m_file(m_id_pwd?
std::string():path,true,log_name)
91 SecretsImp::parse( path , m_id , m_pwd ) ;
97bool GAuth::SecretsFileClient::validSelector( std::string_view selector )
const
100 return selector.empty() ;
101 else if( !m_file.valid() )
102 return selector.empty() ;
104 return m_file.containsClientSelector( selector ) ;
107bool GAuth::SecretsFileClient::mustAuthenticate( std::string_view selector )
const
111 else if( !m_file.valid() )
114 return m_file.containsClientSecret( selector ) ;
117GAuth::Secret GAuth::SecretsFileClient::clientSecret( std::string_view type , std::string_view selector )
const
119 if( m_id_pwd && type ==
"plain"_sv )
121 return { {m_id,
"base64"} , {m_pwd,
"base64"} } ;
129 return m_file.clientSecret( type , selector ) ;
136 m_pam(SecretsImp::pam(spec)) ,
137 m_file(m_pam?
std::string():spec,true,log_name)
// Returns a description of where server secrets come from: the fixed
// string "pam:" when PAM was selected at construction (whichever of the
// accepted PAM spellings was given), otherwise the secrets file's path.
std::string GAuth::SecretsFileServer::source() const
{
	if( m_pam )
		return std::string( "pam:" ) ;

	return m_file.path() ;
}
// Returns true if this object can be used as a source of server secrets.
// With PAM selected the answer is always true and the secrets file is not
// consulted; in that case the constructor gave the file member an empty
// string in place of the spec.
bool GAuth::SecretsFileServer::valid() const
{
	if( m_pam )
		return true ;

	return m_file.valid() ;
}
154GAuth::Secret GAuth::SecretsFileServer::serverSecret( std::string_view type , std::string_view
id )
const
157 return m_file.serverSecret( type ,
id ) ;
160std::pair<std::string,std::string> GAuth::SecretsFileServer::serverTrust(
const std::string & address_range )
const
163 return m_file.serverTrust( address_range ) ;
166bool GAuth::SecretsFileServer::contains( std::string_view type , std::string_view
id )
const
169 return m_file.containsServerSecret( type ,
id ) ;
Encapsulates a userid/shared-secret/hash-function tuple from the secrets file.
static Secret none()
Factory function that returns a secret that is not valid().
~SecretsFileClient() override
Destructor.
SecretsFileClient(const std::string &path_spec, const std::string &log_name)
Constructor. See GAuth::Secrets::newClientSecrets().
~SecretsFileServer() override
Destructor.
SecretsFileServer(const std::string &path, const std::string &log_name)
Constructor. See GAuth::Secrets::newServerSecrets().
static void check(const std::string &path, bool with_warnings)
Checks the given file.
static std::unique_ptr< SaslServerSecrets > newServerSecrets(const std::string &spec, const std::string &log_name)
Factory function for server secrets.
static void check(const std::string &client, const std::string &server, const std::string &pop)
Checks the given secret sources.
static std::unique_ptr< SaslClientSecrets > newClientSecrets(const std::string &spec, const std::string &log_name)
Factory function for client secrets.
static bool valid(std::string_view, bool strict=true)
Returns true if the string is a valid base64 encoding, possibly allowing for embedded newlines,...
static bool headMatch(std::string_view in, std::string_view head) noexcept
Returns true if the string has the given start (or head is empty).
static std::string tail(std::string_view in, std::size_t pos, std::string_view default_={})
Returns the last part of the string after the given position.
static std::string head(std::string_view in, std::size_t pos, std::string_view default_={})
Returns the first part of the string up to just before the given position.
SASL authentication classes.